数字货币环境中的代币和账户（英文版）.pdf

FEDS Notes Twitter Share RSS December 23, 2020 Tokens and accounts in the context of digital currencies Alexander Lee, Brendan Malone, and Paul Wong Introduction Several years ago, innovation in financial markets began to generate discussion of digital tokens and tokenization of financial assets. When these ideas first entered the public discourse, they were used to help illustrate a possible future state where financial instruments could be turned into digital objects and transferred in real time across the globe without financial intermediaries. Established financial institutions proposed to tokenize securities to speed up settlement and enhance collateral mobilization. Technology startups proposed digital tokens tied to fiat currencies and other assets (for example, gold, diamonds, and other commodities). As work in these areas progressed from speculative ideation to concrete technology development, central banks began actively researching digital tokens through distributed ledger technology (DLT) experiments. Despite the prevalence of the terms token and tokenization, their meanings are still confusing to most. What is a token from a technical perspective, and from a conceptual or functional perspective? Many people use token as if its meaning were self-evident. References to tokens in the economics literature, computer science publications, technology blog posts, and general newspapers are inconsistent, as different people use the term to describe different (but related) things. Is a token a physical object, a digital object, something defined by a smart contract, or something else entirely? This lack of consistency has arguably led to further confusion and miscommunication. Understanding the context in which tokens are referred to is important to understanding digital currencies. The goal of this note is not to propose new terminology or definitions, but rather to provide guidance that can help prevent potential confusion or miscommunication in the use of the terms token and account. The first section of this note explains how the cryptocurrency community has approached the concepts of tokens and tokenization. The second section looks at the domains of payment economics and central banks, and discusses tokens in the context of CBDC. The note concludes by highlighting some issues with the tokens vs. accounts dichotomy and the potential challenges that could arise as a result of the continued use of these ambiguous terms. Tokens and the cryptocurrency community Terminology regarding tokens in the cryptocurrency community has evolved, with no sole authority on exact definitions. Current concepts of tokens and tokenization likely originate from their usage in the context of Ethereum, a large public blockchain that offers a robust programming capability in the form of so-called smart contracts. An early use case for this flexible programmability was the definition of custom assets, and the Ethereum community proposed a standard for fungible units of value termed tokens shortly after its public launch. The adopted standard, widely known by its proposal identifier ERC-20, is arguably the primary reference point for the concept of tokens on Ethereum and other public blockchains today. Ethereum, smart contracts, and the ERC-20 token standard The public Ethereum blockchain, launched in 2015, was inspired by the core design of Bitcoin as a distributed ledger that does not require a central authority to coordinate agreement on its contents. Beyond this fundamental decentralized recordkeeping functionality, Ethereum introduced additional programming capability for interacting with the ledger contents. While Bitcoin does allow for the programming of spending conditions applicable to certain discrete amounts of bitcoin, Ethereums design allows for the creation of generalized computer programs known as smart contracts, which are executable code stored on the Ethereum blockchain. A smart contract may be as simple as a calculator or as complicated as The DAO, an early experiment that was essentially a decentralized investment fund. The public functions of these smart contracts can be executed by any user of the Ethereum system and by other smart contracts. An early use case for smart contracts was the programmatic definition of assets (or representations thereof) on a blockchain. The Ethereum community termed these assets tokens. The general idea was that a smart contract could define its own ledger for tracking user balances of a token (essentially a sub-ledger of Ethereum, specific to that particular smart contract) and allowing users to transact in the asset represented by that token. Given the flexibility of 1 2 3 4 5 6smart contracts programming on Ethereum, there are a great many ways to implement such a system; thus, in order to allow for more consistent interoperability of tokens, a standard interface for fungible tokens was proposed and adopted shortly after Ethereums launch. This standard is known by its proposal number, ERC-20. Tokens issued by smart contracts that adhere to this standard are referred to as ERC-20 tokens. The standard interface allows for various functionality, including sending tokens from address to address on the blockchain, delegating them to a third party as an allowance, and assigning them an identifier akin to a ticker symbol. The widespread adoption of the ERC-20 standard has likely helped shape the notion of a cryptocurrency token as a custom asset issued on top of a blockchain through the use of smart contracts. Other blockchain platforms which have followed Ethereums lead in offering flexible programming capability, such as Eos, Cardano, Tezos, and Stellar, all allow for the issuance of custom assets that the cryptocurrency community terms tokens. How do tokens on the Ethereum network differ from ether? Ethereum has a native cryptocurrency, ether, that is used to pay for all transactions processed by the network. Ether itself, however, is not an ERC-20 token; rather, it is an intrinsic part of the blockchain platform which predates the existence of any ERC-20 tokens. An Ethereum transaction may consist of a simple transfer of ether itself from one user to another, or it may be a call to a particular smart contracts function. Depending on the amount of computation that the Ethereum network must perform in order to execute the transaction, a corresponding fee will be charged in ether. A simple user-to-user transfer of ether may incur a low fee, while a call to a smart contract function that performs a large amount of mathematical computation may incur a high fee. This fee-for-computation policy means that the functions for interacting with ERC-20 smart contracts as described above, such as sending ERC-20 tokens from one user to another, incur their own transaction fees denominated in ether. Thus, while it is possible to transact value denominated in ether without the need for any other payment instrument, the same is not true of ERC-20 tokens: in order to transact in the latter, a user must also maintain a balance of ether for paying network transaction fees. How are ERC-20 tokens recorded and transferred on the blockchain? Chief among Ethereums functionalities is electronic recordkeeping. Unlike Bitcoin, which handles recordkeeping using a format known as unspent transaction outputs (also referred to as UTXO), Ethereum records information via account addresses. These account addresses are conceptually similar to user accounts in traditional finance. However, in Ethereum, these accounts and associated balances on any ERC-20 sub-ledger are distributed across a decentralized network of participating computational nodes; thus, the only place where (balances of) ERC-20 tokens exist is on this network. While software for controlling user balances of these tokens has come to be known as a cryptocurrency wallet, such wallets do not hold anything with a unit of value (as the name might suggest). Rather, a cryptocurrency wallet holds a private key that allows its holder to authorize transactions on a blockchain platform, in a manner loosely akin to placing ones signature on a check. While tokens may be viewed or controlled via wallet software, to the extent that they exist, it is only in the replicated databases maintained by a blockchain platforms computational nodes and in the form of an account balance, not as a digital object in the wallet software itself. Once a person controls tokens on the network, they can transfer control of those tokens to others. The sender and recipient of the tokens do not need to have a relationship with the token issuer; they simply need an Ethereum address for which they control the private key. The sender initiates the transfer by cryptographically signing and submitting to the Ethereum network a message that will deduct tokens from their balance and add them to the balance of the recipients account. After the sender has used their private key to authorize the reassignment of control of some quantity of their tokens to someone else, that recipient now has the ability to use their own private key to transfer the tokens from their account balance in the same manner. Importantly, no unique digital information owned by the sender is transferred to the recipients cryptocurrency wallet. Other types of crypto tokens Since Ethereum launched, a number of other blockchain projects have appeared that also offer the capability to issue tokens. While Ethereum remains the most common platform, other platforms reported by industry data aggregator CoinMarketCap with tokens in the top 100 by market capitalization include Binance Coin, TRON, Rootstock, Omni, and Stellar. Other newer platforms that are designed for token issuance, both existing and proposed, include Algorand, Avalanche, and Libra. Despite differences in the technology underlying these platforms, the conceptualization of tokens as programmatically-defined units of value that can be transacted on those platforms and tracked via account balances, remains a common feature. In addition to fungible tokens (which have been described above in detail through explanation of the ERC-20 standard), blockchain platforms may also support non-fungible tokens. On Ethereum, there is an adopted standard for such tokens, commonly known by its proposal number ERC-721. Whereas fungible tokens can be used to represent homogenous assets such as a unit of currency or ownership of a specific quantity of gold, non-fungible tokens can be used to represent unique assets, such as a work of art or a property deed (for example, CryptoKitties). 7 8 9 10 11 12 13 14 15Any blockchain platform offering sufficiently flexible programming typically has the capability of implementing functionality for non-fungible tokens. Tokens and the central banking community The use of tokens in money and banking date back several centuries. Traditionally, the term token has been used to describe physical objects representing value, such as precious metals or official coinage that acted as symbolic representations of value and could be used to make payments. Ownership of these early tokens was determined solely by physical possession. The most common way a person could come to own a monetary token was by trading for it with goods or services. In any such trade, transfers happened bilaterally between individuals. Crucially, physical monetary systems relied heavily on the assumption that such a token was difficult to replicate. If it could be copied easily, users could effectively create their own money at will, thereby debasing its value. The exchange of tokens between individuals eventually led to the use of accounts to record asset ownership more easily and to facilitate more-complex trading and financial transactions. When combined with specialized institutions and processes, accounts allow for easy transfers between participants. Instead of carrying coins or precious metals (or any other tradeable goods, for that matter), merchants could keep accounts with a third party, such as a bank. For example, a bank in Renaissance-era Venice might have kept accounts for merchants on a paper ledger and allowed account holders to transfer balances from one person to another without any physical exchange of assets between the transacting parties. If the merchants needed physical money, they could clear out some or all of their bank account balances in exchange for an equal value in physical tokens. Cash and central bank accounts Although this idea of money existing either as physical objects or as records in a ledger predates the creation of fiat currency by states, it has obvious parallels to the central banking world. Central banks have historically issued money in two forms: cash and deposits. Cash is a physical form of money. It is widely available to the general public for a variety of uses, and it can be transferred from person to person anonymously. In addition, cash has built-in security features to make physical money easy to authenticate but difficult to counterfeit. For these reasons, cash, as we use it today, is analogous to the historical notion of a monetary token. Deposits, such as reserve and settlement balances, are an electronic form of money represented using accounts. They are typically only available to a limited set of entities, certain financial institutions and the official sector, for specific purposes. In recent years, new formulations and categorization of money have arisen. In 2009, Kahn and Roberds wrote a seminal paper on payments economics that formalized the distinction between what the authors describe as account- based payment systems and store-of-value payment systems. In their description, the essence of the dichotomy boils down to the type of verification required by each system, Verification of identity is central to accounts systems, just as counterfeit protection is central to store-of-value systems. Their formulation of money suggests that identity verification is a core distinction between an account-based payment system, such as bank deposits, and a store-of- value payment system, such as cash. In their formulation, the traditional concept of a token can be viewed as embodying the store-of-value systems. Evolution of tokens and central bank digital currency As conversations evolved within the central banking community on CBDC, the verification-based distinction between accounts and store of value (or tokens) proposed by Kahn and Roberds was extended to CBDC. A 2018 report by the Committee on Payments and Market Infrastructures and the Markets Committee, for example, described token- based systems as reliant on the ability of the users of the system to verify that the digital object (that is, a token) is genuine and not a counterfeit. The report contrasted this with the notion of account-based systems as being reliant on someone usually the asset issuer or other third party to verify a users ability to transfer an account balance by c